[Owasp-appsensor-project] Additional Detection Points - Suspicious Client-Side Behavior

John Melton jtmelton at gmail.com
Wed Jun 9 22:12:03 EDT 2010


I'll say +1 for this generally b/c I think it could provide helpful info,
but would like to know more about if there is anything other than CSP that
fits here ...

On Wed, Jun 9, 2010 at 10:29 AM, Colin Watson <colin.watson at owasp.org>wrote:

> Suggestion to add a new detection point.  Has this already been ruled
> out?  Should it be added?  Is the description/categorization suitable?
>
> Source
> -----------------------------------
> [Owasp-appsensor-project] AppSensor Feedback/Ideas, Sat Nov 21 13:32:39 EST
> 2009
>
> https://lists.owasp.org/pipermail/owasp-appsensor-project/2009-November/000008.html
>
> Description
> -----------------------------------
> The application receives a report of client-side policy exceptions
> (e.g. Firefox Content Security Policy violation report
> https://wiki.mozilla.org/Security/CSP/Specification#Violation_Report_Syntax
> ).
>
> Suggested categorization
> -----------------------------------
> In the suggested new category "Reputation" (see RP1 Suspicious User IP
> Address)
> RP3 Suspicious Client-Side Behavior
> _______________________________________________
> Owasp-appsensor-project mailing list
> Owasp-appsensor-project at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/owasp-appsensor-project
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/owasp-appsensor-project/attachments/20100609/66bd6f95/attachment.html 


More information about the Owasp-appsensor-project mailing list